Posts tagged “algorithms”

European car safety researchers have developed a camera-based system that watches your facial expressions while you drive, and then uses highly accurate emotion detection algorithms to work out when you’re suffering from road rage. The idea behind this system is that, when you’re irritated or angry, you become a more aggressive driver and less attentive — leading to more accidents. The same technology can also be used to measure tiredness and fatigue, by measuring the percentage of your eyelid closure, and then warning you to take a break before you fall asleep at the wheel.

This work, developed by EPFL’s Signal Processing 5 Laboratory (LTS5) in association with PSA Peugeot Citroen, uses an infrared camera placed behind the car’s steering wheel to track the seven universal hard-coded emotions that your face can show. Fear, anger, joy, sadness, disgust, surprise, and suspicion are so intrinsic to human nature that they have very specific muscle movements — movements that can be fairly easily picked up with an infrared camera and some computer vision software. The software tracks your eyes, mouth, and nose, and from their movements it can work out what emotion you’re currently experiencing.

If your face registers “anger” or “disgust” for long enough, the software decides that you are stressed out and probably about to do something stupid. Because this is a prototype, all the EPFL system does is tell you when you’re suffering from road rage — but presumably a production version of the technology would do a lot more. Maybe it would pre-charge your brakes, ready for when you tailgate the guy in front of you? Or maybe, if your car has some autonomous driving features, they could quietly take over — so you think you’re still driving, but it’s actually your car that’s preventing you from swerving out of your lane or piling into the car in front of you. Maybe such a system could disable your car’s horn, too…

Moving forward, LTS5 hopes it can use its computer vision to detect other states, such as distraction, and to read your lips, which could considerably help with in-car voice recognition. It’s also worth pointing out that similar systems are already in production vehicles — ExtremeTech’s car of the year, the Mercedes-Benz S-Class, uses the steering wheel to detect when you’re drowsy. These systems don’t have quite the same range of emotion detection as camera-based solutions — but really, the ultimate system would combine both steering wheel and computer vision technologies, and also use sensors in your seat, noise sensors in the cockpit (noisy kids), and other clever techniques of assessing your road worthiness.

One day, when autonomous vehicles are the norm, you’ll be able to get into your car — and then it will automatically detect that you’re completely wasted, and then drive you home using a route that minimizes the risk of throwing up. One day.

At the Black Hat security conference in Las Vegas, a quartet of researchers, Alex Stamos, Tom Ritter, Thomas Ptacek, and Javed Samuel, implored everyone involved in cryptography, from software developers to certificate authorities to companies buying SSL certificates, to switch to newer algorithms and protocols, lest they wake up one day to find that all of their crypto infrastructure is rendered useless and insecure by mathematical advances.

We’ve written before about asymmetric encryption and its importance to secure communication. Asymmetric encryption algorithms have pairs of keys: one key can decrypt data encrypted with the other key, but cannot decrypt data encrypted with itself.

The asymmetric algorithms are built on an underlying assumption that certain mathematical operations are "hard," which is to say that the time it takes to do the operation increases in proportion to some number raised to the power of the length of the key ("exponential time"). However, this assumption is not actually proven, and nobody knows for certain if it is true. The risk exists that the problems are actually "easy," where "easy" means that there are algorithms that will run in a time proportional only to the key length raised to some constant power ("polynomial time").

The most widely used asymmetric algorithms (Diffie-Hellman, RSA, and DSA) depend on the difficulty of two problems: integer factorization and the discrete logarithm. The current state of the mathematical art is that there aren’t—yet—any easy, polynomial time solutions to these problems. However, after decades of relatively little progress in improving algorithms related to these problems, a flurry of activity in the past six months has produced faster algorithms for limited versions of the discrete logarithm problem.

At the moment, there’s no known way to generalize these improvements to make them useful to attack real cryptography, but the work is enough to make cryptographers nervous. They draw an analogy with the BEAST, CRIME, and BREACH attacks used to attack SSL. The theoretical underpinnings for these attacks are many years old, but for a long time were dismissed as merely theoretical and impossible to use in practice. It took new researchers and new thinking to turn them into practical attacks.

When that happened, it uncovered a software industry ill-prepared to cope. A lot of software, rather than allowing new algorithms and protocols to be easily plugged in, has proven difficult or impossible to change. This means that switching to schemes that are immune to the BEAST, CRIME, and BREACH attacks is much more difficult than it should be: though there are newer protocols and different algorithms that avoid the problems that these attacks exploit, compatibility concerns mean that they can’t be rapidly rolled out and used.

The attacks against SSL are at least fairly narrow in scope and utility. A general purpose polynomial time algorithm for integer factorization or the discrete logarithm, however, would not be narrow in scope or utility: it would be readily adapted to blow wide open almost all SSL/TLS, ssh, PGP, and other encrypted communication. (The two mathematical problems, while distinct, share many similarities, so it’s likely that an algorithm that solved integer factorization could be adapted in some way to solve the discrete logarithm, and vice versa).

Worse, it would make updating these systems in a trustworthy manner nearly impossible: operating systems such as Windows and OS X depend on digital signatures that in turn depend on these same mathematical underpinnings to protect against the installation of fraudulent or malicious updates. If the algorithms were undermined, there would be no way of verifying the authenticity of the updates.

While there’s no guarantee that this catastrophe will occur—it’s even possible that one day it might be proven that the two problems really are hard—the risk is enough to have researchers concerned. The difficulties of change that BEAST et al. demonstrated mean that if the industry is to have a hope of surviving such a revolution in cryptography, it must start making changes now. If it waits for a genius mathematician somewhere to solve these problems, it will be too late to do anything about it.

Fortunately, a solution of sorts does exist: a family of encryption algorithms called elliptic curve cryptography (ECC). ECC is similar to the other asymmetric algorithms in that it’s based on a problem that’s assumed to be hard (in this case, the elliptic curve discrete logarithm). However, ECC has the additional property that its hard problem is sufficiently different from integer factorization and the regular discrete logarithm that breakthroughs in either of those shouldn’t imply breakthroughs in cracking ECC.

However, support for ECC is still very problematic. Much of the technology is patented by BlackBerry, and those patents are enforced. There are certain narrow licenses available for implementations of ECC that meet various US government criteria, but the broader patent issues have led some vendors to refuse to support the technology.

Further, support of protocols that can use ECC, such as TLS 1.2 (the latest iteration of SSL technology) is still not widely available. Certificate authorities have also been slow to offer ECC certificates.

As such, the researchers are calling for the computer industry as a whole to do two things. First, embrace ECC today. Second, ensure that systems that use cryptography are agile. They must not be lumbered with limited sets of algorithms and obsolete protocols. They must instead make updating algorithms and protocols quick and easy, to ensure that software systems can keep pace with the mathematical research, and adapt quickly to new developments and techniques. The cryptopocalypse might never happen—but we should be prepared in case it does.
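A sketch of what "agile" means in practice, as an added example that is not from the researchers' talk: every protected message names its algorithm, and a verifier-side policy decides which algorithms are still accepted, so retiring one is a configuration change. HMAC variants from the Python standard library stand in for signature schemes here, and the names `ALGORITHMS`, `Policy` and `accepts`, the key and the payloads are all constructed for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical registry: algorithm id -> tag function. HMAC variants stand in
# for signature schemes so the example needs only the standard library.
ALGORITHMS = {
    "hmac-sha1": lambda k, m: hmac.new(k, m, hashlib.sha1).digest(),
    "hmac-sha256": lambda k, m: hmac.new(k, m, hashlib.sha256).digest(),
    "hmac-sha512": lambda k, m: hmac.new(k, m, hashlib.sha512).digest(),
}

class Policy:
    """Verifier-side policy: what to issue with, and what is still accepted."""
    def __init__(self, preferred, accepted):
        self.preferred, self.accepted = preferred, set(accepted)

    def seal(self, key: bytes, payload: bytes) -> str:
        alg = self.preferred
        # The algorithm id is covered by the tag so it cannot be relabelled.
        tag = ALGORITHMS[alg](key, alg.encode() + b"." + payload)
        return json.dumps({"alg": alg, "payload": payload.hex(), "tag": tag.hex()})

    def open(self, key: bytes, token: str) -> bytes:
        env = json.loads(token)
        alg = env["alg"]
        # The policy, not the token, decides which algorithms are acceptable.
        if alg not in self.accepted or alg not in ALGORITHMS:
            raise ValueError(f"algorithm {alg!r} rejected by policy")
        payload = bytes.fromhex(env["payload"])
        expected = ALGORITHMS[alg](key, alg.encode() + b"." + payload)
        if not hmac.compare_digest(expected, bytes.fromhex(env["tag"])):
            raise ValueError("tag mismatch")
        return payload

def accepts(policy, key, token):
    """True if the policy verifies the token, False if it is rejected."""
    try:
        policy.open(key, token)
        return True
    except ValueError:
        return False

KEY = b"constructed-demo-key"  # constructed sample key
LEGACY = Policy("hmac-sha1", ["hmac-sha1"])
TRANSITION = Policy("hmac-sha256", ["hmac-sha1", "hmac-sha256"])
RETIRED = Policy("hmac-sha256", ["hmac-sha256"])

old_token = LEGACY.seal(KEY, b"update-manifest-v1")      # constructed payload
new_token = TRANSITION.seal(KEY, b"update-manifest-v2")  # constructed payload
```

The three policies model a migration: the transition policy issues with the new algorithm while still verifying old tokens, and the retired policy drops the old algorithm without touching the sealing or verification code.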

A high court judge has ruled that a computer scientist cannot publish an academic paper over fears that it could lead to vehicle theft.

Flavio Garcia, from the University of Birmingham, has cracked the algorithm behind Megamos Crypto—a system used by several luxury car brands to verify the identity of keys used to start the ignition. He was intending to present his results at the Usenix Security Symposium.

But Volkswagen’s parent company, which owns the Porsche, Audi, Bentley and Lamborghini brands, asked the court to prevent the scientist from publishing his paper. It said that the information could "allow someone, especially a sophisticated criminal gang with the right tools, to break the security and steal a car."

The company asked the scientists to publish a redacted version of the paper without the crucial codes, but the researchers declined, claiming that the information is publicly available online.

Instead, they protested that "the public have a right to see weaknesses in security on which they rely exposed," adding that otherwise, "industry and criminals know security is weak but the public do not."

The judge, Colin Birss, ultimately sided with the car companies, despite saying he "recognized the importance of the right for academics to publish."